SOLVED Install lets encrypt no mirrors & connection refused

Delmore

Member
Nov 24, 2021
14
2
3
France
cPanel Access Level
Root Administrator
CentOS v7.9.2009 [ns3085456] v100.0.11 Load Averages: 0.11 0.08 0.09

Hello guys,

I have an issue when I try to install lets encrypt plugin to be used as a SSL certificat provider. I followed multiple tuto & documentation (eg: The Let's Encrypt Plugin | cPanel & WHM Documentation)

Problem is when I try to run the command :

/usr/local/cpanel/scripts/install_lets_encrypt_autossl_provider

The output is the following:

Could not retrieve mirrorlist http://httpupdate.cpanel.net/ea4-c7-x86_64-mirrorlist error was
14: curl#7 - "Failed connect to httpupdate.cpanel.net:80; Connection refused"
...
Cannot find a valid baseurl for repo: EA4/7/x86_64


Also, i figured out that even a simple yum update is prompting same error message.

I searched a bit on the forum, I did not found a single working solution.

These info. might help you :

Content of /etc/yum.repos.d/EA4.repo

Output of ls -lah /etc/yum.repos.d

total 84K
drwxr-xr-x. 2 root root 4.0K May 18 13:16 .
drwxr-xr-x. 100 root root 12K May 18 13:14 ..
-rw-r--r--. 1 root root 1.7K Nov 23 2020 CentOS-Base.repo
-rw-r--r--. 1 root root 1.3K Nov 23 2020 CentOS-CR.repo
-rw-r--r--. 1 root root 649 Nov 23 2020 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root 314 Nov 23 2020 CentOS-fasttrack.repo
-rw-r--r--. 1 root root 630 Nov 23 2020 CentOS-Media.repo
-rw-r--r--. 1 root root 1.3K Nov 23 2020 CentOS-Sources.repo
-rw-r--r--. 1 root root 8.4K Nov 23 2020 CentOS-Vault.repo
-rw-r--r--. 1 root root 616 Nov 23 2020 CentOS-x86_64-kernel.repo
-rw-r--r-- 1 root root 257 Feb 22 05:19 cPAddons.repo
-rw------- 1 root root 241 May 18 13:16 cpanel-plugins.repo
-rw-r--r-- 1 root root 1.9K Jan 5 07:22 docker-ce.repo
-rw-r--r--. 1 root root 204 Jun 22 2021 EA4.repo
-rw-------. 1 root root 792 Feb 14 03:07 Mysql57.repo
-rw-r--r-- 1 root root 474 Oct 19 2021 nodesource-el7.repo
Finally, i'm 100% sure that my iptables rule does not block 443 connection.

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N DOCKER
-N DOCKER-ISOLATION-STAGE-1
-N DOCKER-ISOLATION-STAGE-2
-N DOCKER-USER
-N cphulk
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 19999 -j ACCEPT
-A DOCKER -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
-A DOCKER -d 172.17.0.4/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
-A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
-A DOCKER-ISOLATION-STAGE-1 -j RETURN
-A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
-A DOCKER-ISOLATION-STAGE-2 -j RETURN
-A DOCKER-USER -j RETURN
/etc/resolv.conf does contains google DNS

I would like to repair my yum command & be able to install lets encrypt plugin again

Thanks
 

Attachments

Last edited:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
10,360
1,630
363
cPanel Access Level
Root Administrator
What about doing the same with Google:

Code:
curl http://google.com
I specifically added the http:// there to make sure we're pulling the port 80 unsecured version. If that's working well, you should get a "301 moved permanently error" as it tries to force you to https.

You can also try this:

Code:
telnet httpupdate.cpanel.net 80
although if you don't have telnet installed you also may not be able to install it due to those issues.
 

Delmore

Member
Nov 24, 2021
14
2
3
France
cPanel Access Level
Root Administrator
For curl http://google.com

curl: (7) Failed to connect to 2a00:1450:4001:829::200e: Network is unreachable

I can not try telnet as it is not installed on my server & yum install does not work (see screenshot)
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
10,360
1,630
363
cPanel Access Level
Root Administrator
It definitely seems like there are outbound connection issues with the machine outside of cPanel and Yum tools. Once those are resolved I would expect everything else to work normally. You may need to speak with your provider about this issue.
 

Delmore

Member
Nov 24, 2021
14
2
3
France
cPanel Access Level
Root Administrator
It definitely seems like there are outbound connection issues with the machine outside of cPanel and Yum tools. Once those are resolved I would expect everything else to work normally. You may need to speak with your provider about this issue.
Our provider is OVH and they told us that they can not do anything considering it's a dedicated server.

For now, nothing have changed. The server is in an useless state and I don't know what to do.
Everything is blocked like if the server is disconnected from the internet ...

Never touched iptables, never touched network config, the only thing I did was trying to install LetsEncrypt plugin, it failed so I tried yum update, also failed. Always a connection refused/network unreachable issue.

Also I saw that yum clean all could possibly change something , I tried, nothing changed
 

Delmore

Member
Nov 24, 2021
14
2
3
France
cPanel Access Level
Root Administrator
Thanks to the support problem is solved.

I had to reload the cPanel firewall rules using :

/usr/local/cpanel/scripts/configure_firewall_for_cpanel

and since I could not yum install to make systemctl working with iptables, I rebooted WHM.
After the reboot, all worked as expected.

You guys rock !